Security Engineer

Echo Neurotechnologies Corporation
San Francisco, United States of America
9 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 225K

Job location

San Francisco, United States of America

Tech stack

API
Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Bash
Cloud Database
Computer Security
Computer Programming
Databases
Federal Information Processing Standards (FIPS)
Identity and Access Management
Information Systems Security Architecture Professional
Python
Public Key Infrastructure
Powershell
Proprietary Software
Role-Based Access Control
Secure Coding
EndPointSecurity
Wi-Fi Technology
Google Cloud Platform
Transport Protocols
Security Orchestration, Automation & Response

Job description

We are seeking an experienced Security Engineer to lead security architecture, implementation, and maintenance of our cloud-based data platform, applications and medical devices. In this role, you will act as the primary technical expert working alongside our internal quality stakeholders and external security vendors. Your mission is to identify, implement, automate and monitor the various security aspects of our systems in a highly regulated environment. You will ensure our platform, application, and devices are secure and strictly adhere to our corporate standards and government regulations., * Own Overall Portfolio Security: Lead security across our portfolio of devices, including establishing security review processes for all new products and features.

  • Architect Security Posture: Establish a balanced, pragmatic approach to security architecture and overall defense posture.
  • Drive Product Lifecycle Security: Guide security features through the complete product lifecycle, from developing requirements and threat modeling to managing cybersecurity documentation, vulnerability tracking, and continuous monitoring.
  • Prototype & Educate: Prototype security requirements and educate the broader engineering team on secure coding best practices.
  • Collaborate Cross-Functionally: Work cross-functionally with internal software, hardware, quality, and regulatory teams. Own and manage relationships with external security vendors (e.g., penetration testing partners).

Requirements

  • Security Architecture: Strong foundations in secure architecture across cloud environments (AWS, Azure, GCP), API layers, and client-side applications (mobile/desktop) utilizing modern IAM, RBAC/ABAC, secret management and industry security best practices.
  • Device Security: Proven experience designing security controls for local device connections (BLE, Wi-Fi, USB) and executing device-level access controls, utilizing PKI for secure device provisioning and identity management.
  • Network & Data: Deep understanding of secure transport protocols (HTTPS/TLS) and data cryptography algorithms (e.g., ECDH, ECDSA, AES-GCM) for data at-rest and in-transit.
  • Lifecycle Risk & Threat Modeling: Hands-on experience executing threat modeling (STRIDE, Attack Trees), assessing vulnerability severity via CVSS, and monitoring threat databases (NIST NVD, CISA KEV) to mitigate risks.
  • Security Automation: Proficient in programming (e.g., Python, Bash, or PowerShell) to identify and address security gaps, automate security workflows and build custom tooling.
  • Cross-Functional Leadership & Education: Proven ability to lead cross-functional engineering teams, mentor developers, and communicate technical designs, risks, and mitigations clearly to stakeholders., * Experience working with PHI / PII
  • Prior experience securing connected physical devices or embedded systems
  • Hands-on experience with security controls in the Azure ecosystem.
  • Experience working within a formal Quality Management System (QMS) and following strict procedures for traceabilities, design inputs, and risk documentation.
  • Familiarity with medical device cybersecurity frameworks, risk management standards, and regulations (e.g., FDA Section 524B, ISO 14971, FIPS-3)

Benefits & conditions

Pulled from the full job description

  • 401(k) matching
  • Stock options, * An opportunity to work on exciting, cutting-edge projects to transform patients' lives in a highly collaborative work environment.
  • Competitive compensation, including stock options.
  • Comprehensive benefits package.
  • 401(k) program with matching contributions.

About the company

Echo Neurotechnologies is an exciting new startup in the Brain-Computer Interface (BCI) space, driving innovation through advanced hardware engineering and AI solutions. Our mission is to deliver cutting-edge technologies that restore autonomy to people living with disabilities and improve their quality of life.

Apply for this position